Loading

PN1623 | PanelView™ 800 – Remote Code Execution Vulnerabilities

Severity:
Critical
Advisory ID:
PN1623
公開日:
May 11, 2023
最終更新日:
September 08, 2025
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
いいえ
Corrected:
いいえ
Workaround:
いいえ
CVE IDs
CVE-2019-16748,
CVE-2020-36177
概要
PanelView™ 800 – Remote Code Execution Vulnerabilities

 

Revision Number
1.1
Revision History
Version 1.0 - May 11, 2023
Version 1.1 - September 8, 2025

Affected Products

Affected Product First Known in Software Version Corrected in Software Version
PanelView™ 800 - 2711R-T4T V5.011 V8.011
PanelView™ 800 - 2711R-T7T V5.011 V8.011
PanelView™ 800 - 2711R-T10T V5.011 V8.011

Vulnerability Details

Rockwell Automation uses the latest version of the CVSS scoring system to assess the following security issues.

CVE-2020-36177 IMPACT
RsaPad_PSS in WolfSSL before version 4.6.0 has an out-of-bounds write. This is for certain relationships between key size and digest size. It is utilized in the PanelView™ 800 and could allow an attacker to accomplish a heap buffer overflow. This happens if the user has the email feature enabled in the project file where WolfSSL is used. The feature is disabled by default.

CVSS Base Score: 9.8
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787 Out-Of-Bounds Write


Known Exploited Vulnerability (KEV) database: No

CVE-2019-16748 IMPACT
In WolfSSL through version 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. There is a one-byte heap-based buffer over-read in CheckCertSignature ex in wolfcrypt/src/asn.c. WolfSSL that is utilized in the PanelView™ 800. This could allow an attacker to accomplish a heap buffer overflow if the user has the email feature enabled in the project file where WolfSSL is used. This feature is disabled by default.

CVSS Base Score: 9.8
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-125 Out-Of-Bounds Read


Known Exploited Vulnerability (KEV) database: No

Customers can use Stakeholder-Specific Vulnerability Categorization to create more environment-specific categories.

Risk Mitigation & User Action

Customers using the affected software  should use the below risk mitigations.
  • Upgrade to V8.011 which has been patched to mitigate these issues.
  • Ensure that the email feature is disabled (This is disabled by default).
  • For information on how to mitigate Security Risks on industrial automation control systems (IACS) networks see the following publications:
    • System Security Design Guidelines Reference Manual publication, SECURE-RM001
    • Configure System Security Features User Manual, SECURE-UM00
  • Customers should use our QA43240 - Recommended Security Guidelines from Rockwell Automation to minimize risks.

Additional Resources

  • CVE-2020-36177 JSON
  • CVE-2019-16748 JSON

Glossary

ASN.1: Abstract Syntax Notation One is a standard interface description language for defining data structures that can be serialized and deserialized in a cross-platform way

Handshaking: the process of establishing a connection between two devices or systems before actual data transmission begins

Heap-based Memory Buffer Overflow: a type of buffer overflow that occurs in the heap data area. Memory on the heap is dynamically allocated at runtime and typically contains program data. 

Out-of-Bounds Write: when the software writes data past the end or before the beginning of an intended buffer, leading to data corruption, crashes or code execution

RsaPad_PSS: (RSA-Public Key Signature Scheme) a cryptographic method that uses the RSA algorithm for signing and verifying messages

WolfSSL: a small, portable SSL/TLS library designed for embedded system and RTOS environments

 

Rockwell Automation Home
Copyright ©2022 Rockwell Automation, Inc.
  1. Chevron LeftChevron Left ロックウェル・オートメーションのホーム Chevron RightChevron Right
  2. Chevron LeftChevron Left Trust & Security Chevron RightChevron Right
  3. Chevron LeftChevron Left Industrial Security Adv Chevron RightChevron Right
  4. Chevron LeftChevron Left Industrial Security Advisory Detail Chevron RightChevron Right
を続行するには、クッキーの設定を更新してください.
この機能には、お客様の利便性を向上させるためにクッキーが必要です。これらのクッキーを許可するように設定を更新してください:
  • ソーシャルメディア・クッキー
  • 機能性クッキー
  • パフォーマンスクッキー
  • マーケティングクッキー
  • 全てのクッキー
いつでも設定を更新することができます。詳しくは{0}をご覧ください プライバシーポリシー
CloseClose